A rule consists of two parts. The first part is the trigger events that determine when to execute the rule. The second part is the scripting code that contains the logic of the rule. The Security Client provides three namespaces and five interfaces for the script, which allows the script to control or access the client.
The namespaces are as follows:
Query: Provides methods to get the current state of the client. For example, information about the adapters, shield states, and location.
Action: Provides methods that get the client to do something. For example, a call that puts the client into a quarantined shield state.
Storage: Provides a mechanism for the script to store variables for the session or permanently. These could be used to tell the script if the rule had failed the last time it was run. It could be used to store when this rule last ran.
The interfaces are as follows:
IClientAdapter: Describes an adapter in the client network environment.
IClientEnvData: Returns environment data about a server or wireless access point.
IClientNetEnv: Provides network environment information.
IClientWAP: Provides information about a wireless access point.
IClientAdapterList: Lists the adapters in the client network environment.